Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror

Comment Re:Return to office (Score 4, Insightful) 97

They will accept higher costs due to delays and the like with offshoring, if those costs are less than paying the visa fees.

They will abandon paying Americans to do some of the work, and outsource all of it.

The reason this kind of scheme doesn't work is because the costs are different for every company. Some will pay it, some will do more offshoring, and a small number will employ more Americans. The only question is what the proportions will be, and which option your employer chooses. Hope you are in the last group.

Comment Re:Seems like it should be close to useful... (Score 1) 21

Having used machine translation for years, I am well aware that it screws up. Even so, it's very useful and you get used to the mistakes it makes and learn to interpret them.

That said Google's English transcription is better than a human now, and IME is close to flawless. Meta's is probably a lot worse, but the potential is there.

Comment Re:So the drones really only matter (Score 2) 61

Drones don't need air superiority to operate, they rely on numbers to overwhelm. At a recent arms show there was a company offering cardboard drones. Cost in monetary and material terms is getting so low that the challenge becomes mass producing them fast enough to swarm the enemy. Low flying, disposable, and very difficult to stop.

Comment Re:A life of 8500 hours? (Score 3, Informative) 38

The important part is that they are talking about dye-sensitized solar cells (DSSC), not the typical solar panels you put on your house.

DSSCs are attractive because they are very easy and cheap to manufacture, and flexible. But they degrade fast with UV light, and the expected gains in protecting them have not been made. If their life could be extended to a usable amount they would offer an even lower cost option than already extremely cheap conventional solar cells, and open up some new applications.

Comment Wine doesn't run drivers (Score 1) 153

Perhaps this is a golden opportunity for civic minded programmers to spend some time getting WINE to the point where most users can comfortably run WINE instead of Windows XX.

Wine runs in user space. I don't see how Wine could ever run drivers, such as peripheral drivers required by things like the iPhone sync functionality of iTunes or kernel-level anti-cheat required by major online games supporting pickup matches with strangers.

Comment Bootstrapping with stage0 and Mes (Score 1) 19

Start with stage0 (whose binary seed is about 1 KiB) and GNU Mes. Use mescc to build tinycc, then GCC 2.95, then GCC 4.7, then fairly modern GCC, and then use mrustc to build some version of Rust. The time-consuming part is that each version of the Rust toolchain uses fairly new features in the Rust language, so yes, you'll probably have to build the world a couple dozen times starting with the most recent version supported by mrustc.

Comment Kellogg v. Nabisco; Dastar v. TCF (Score 1) 91

So what's the basis of the lawsuit against Disney? There's no damages, so equitable relief? Of what?

You probably guessed correctly: equitable relief in the form of an injunction against Disney bringing a trademark lawsuit. I haven't read the complaint, but I'd be surprised if it didn't cite Kellogg and Dastar.

The Supreme Court of the United States has decided a few cases about the interaction between the Lanham Act, which inclues trademark law, and exclusive rights pursuant to the Copyright Clause. Key cases includes Kellogg Co. v. National Biscuit Co., 305 U.S. 111 (1938), and Dastar Corp. v. Twentieth Century Fox Film Corp., 539 U.S. 23 (2003). In both cases, the Court ruled that the Lanham Act cannot be used to extend the effective term of exclusive rights in an invention whose patent has expired or a work whose copyright has expired. Disney's legal counsel ought to be familiar with the latter case, seeing as it involved a company that is now a subsidiary of Disney.

Comment Trusting trust when bootstrapping a compiler (Score 1) 19

From the article:

The Go project recently arranged for Go itself to be completely reproducible given only the source code, meaning that although a build needs some computer running some operating system and some earlier Go toolchain, none of those choices matters."

[...]

The Multics review is famous for pointing out the possibility of adding a back door to a compiler to insert back doors in critical system programs during compilation [...]. Reading the report inspired Ken Thompson to implement exactly that attack on an early Unix system, probably in early 1975. He later explained the attack in his 1983 Turing Award lecture, published in Communications as "Reflections on Trusting Trust."

David A. Wheeler described a defense against a back door that propagates through the compiler in a 2009 PhD dissertation titled Fully Countering Trusting Trust through Diverse Double-Compiling . Diverse double-compiling (DDC) involves choosing two or more other independently developed compilers A and B for a language, bootstrapping compiler C from source code through each of them (building C with A or B and then building C with itself), and ensuring that the output is byte-identical. This relies on previous effort to make builds reproducible.

However, DDC also relies on having more than one implementation of a particular language. Go and Rust each have only one widely used implementation. This means someone trying to wrangle a supply chain has to do one of three things: trust a particular old version of a compiler not to have a back door, compile every version since the dawn of the language (such as when Rust was prototyped in OCaml), or implement a usable subset of the language in a more widely implemented language. This is why mrustc is so important, as it's a way to skip forward by several years' worth of versions when bootstrapping a Rust compiler.

Comment It always comes back to key distribution (Score 2) 19

From the article: "The only problem left is key distribution: The verifier must know who should have signed the code. [...] To the extent that questions of identity can be solved, having authors sign their software can provide even stronger guarantees." It goes on to describe how Debian and Go package repositories include the expected hash value of a package, so that package downloading tools can reject a package that has been replaced.

However, the approach used by Debian to verify developers' identity, that of new developers physically meeting existing trusted developers at key signing parties to exchange OpenPGP public keys, doesn't scale very well. A lot of contributors are disconnected from the strongly connected set of the web of trust because they cannot travel to key signing parties. This can be because of cost, work or child care scheduling, regulatory restrictions related to geopolitics, or regulatory restrictions related to public health (most recently during 2020-2021). These disconnected contributors must forever rely on the bottleneck of "sponsors" (trusted developers who forward packages from the maintainer to the distribution) to get their work into a distribution.

And sponsors are indeed a bottleneck. From the article: "And then you need to be ready to update to a fixed version of that dependency." When a package's upstream maintainer releases an updated version of a package, the package's sponsor in a particular distribution may be too busy with other tasks to handle it the same day. This can mean that there is no available labor to forward the update to the rolling distribution and backport the fix to the version of the package in a stable distribution.

Comment Re:blocked, not can't (Score 1) 153

It was never really about the capability of the hardware to run Windows 11, it was about Microsoft's desire to cut costs by not having to support it. Every supported configuration has to be tested, and if issues are found relating to 10 year old drivers, they have to be fixed.

What we really need is a law to set the minimum support term, say 10 years after the last official sale. For Windows 10 that would be 2031. Even that might not be enough though - both Microsoft and Apple are notorious for releasing updates that cripple performance on older hardware.

Slashdot Top Deals

Your fault -- core dumped

Working...